1461 Incident Response Jobs - Page 25

As a Senior Cyber Security Engineer, you will be responsible for designing and implementing security measures to protect information systems and data in a dynamic and energetic working environment. You will have the opportunity for career growth and learning while ensuring the security infrastructure is robust and effective. Your primary roles and responsibilities will include designing security architectures for complex systems, deploying security technologies such as firewalls and antivirus software, managing network security measures, conducting vulnerability assessments, and implementing access controls. Additionally, you will develop security policies, standards, and procedures to ensure compliance with relevant laws and regulations. You will play a crucial role in incident response activities, including investigation, resolution, and digital forensics, as well as providing security awareness training to promote a security-conscious culture. Your expertise in managing cybersecurity within IT applications, cloud, network, and IT infrastructure will be essential in identifying and resolving security issues. To excel in this role, you should have more than 5 years of experience in cybersecurity, a strong understanding of network and systems security principles, and proficiency in configuring security technologies. Knowledge of encryption protocols, vulnerability assessment tools, and incident response skills are also required. Excellent problem-solving, analytical, communication, and collaboration skills are essential for this position. Certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), and CompTIA Security+ are preferred qualifications. The shift timings for this position are from 8:30 AM to 5:30 PM, Monday to Friday, with health insurance and provident fund benefits available. If you thrive in high-pressure situations, have a passion for cybersecurity, and enjoy finding cost-effective solutions to cyber threats, this role offers you the opportunity to make a significant impact in the field. Your contributions will be instrumental in maintaining a secure IT environment and protecting sensitive data from potential risks and vulnerabilities.,

Job Description: As a Security Ops Lead at The Modern Data Company, you will play a crucial role in integrating security into the DevOps process to ensure that security is a fundamental component of the software development lifecycle. Your responsibilities will include bridging the gap between developers, operations, and security teams, fostering a culture of shared responsibility for security at every stage of development. By adopting this approach, you will contribute to the creation of more secure software and infrastructure, thereby reducing security risks and enhancing the overall security posture of the organization. Your key responsibilities will involve various aspects of security integration, automation, risk management, team collaboration, incident response, compliance, and customer engagement. You will be responsible for building security practices into the development lifecycle, configuring and maintaining cloud infrastructure according to industry standards, implementing automated security testing and compliance checks, detecting and resolving security vulnerabilities early in development, collaborating with cross-functional teams to embed secure coding practices, handling security incidents, ensuring compliance with security standards and regulatory requirements, and engaging with enterprise customers to understand their DevOps, security, and compliance requirements. To excel in this role, you should possess essential skills such as strong programming abilities in languages like Python, Java, or Ruby, experience with CI/CD tools, container orchestration, infrastructure as code, deep understanding of security practices, cloud security expertise, knowledge of network architecture and infrastructure security, familiarity with key compliance regulations, sharp problem-solving skills, effective communication abilities, a continuous learning mindset to stay updated with emerging security trends, and experience in incident response and technical solution presentations to enterprise customers. In terms of qualifications, you are required to have a Bachelor's degree in Computer Science, Information Security, or a related field, a proven track record in DevOps, cybersecurity, or security-focused roles, extensive expertise with cloud platforms and security architectures, hands-on experience with automation tools and container technologies, proficiency in scripting languages for security automation, comprehensive knowledge of network security and encryption protocols, familiarity with compliance frameworks and regulations, strong problem-solving abilities, exceptional communication skills, and a talent for cross-team collaboration. Working at The Modern Data Company offers a dynamic environment where our core values of Humility, Empathy, Accountability, and Transparency are highly regarded. We seek individuals who are curious, adept at problem-solving, and have a forward-thinking mindset. If you are looking to make a significant impact and explore your potential, The Modern Data Company is the ideal place for you. We offer competitive compensation, attractive benefits, and ESOPs to all our employees, fostering a culture of value creation and employee-centric policies akin to leading tech startups in Silicon Valley. Join us at The Modern Data Company and be part of a team that values innovation, collaboration, and continuous growth.,

As a Junior IT Security Engineer at Staff4Me, you will have the opportunity to contribute to the company's information security efforts while working under the guidance of senior team members. Your responsibilities will include assisting in the implementation of security controls, monitoring systems for potential threats, and participating in incident response efforts. You will also collaborate with cross-functional teams to address security risks and stay updated on emerging threats and trends in information security. Your key responsibilities will include: - Assisting in implementing and maintaining security controls to protect information systems and data. - Monitoring security systems and tools for potential threats and vulnerabilities. - Participating in vulnerability assessments and penetration testing activities. - Contributing to incident response efforts, including investigation and containment of security incidents. - Collaborating with cross-functional teams to address identified security risks. - Staying up-to-date with emerging threats and trends in information security. - Supporting security awareness initiatives and providing guidance to employees on security best practices. - Assisting in maintaining documentation of security systems, processes, and procedures. To be successful in this role, you should have: - A Bachelor's degree in Computer Science, Information Technology, or a related field. - 1+ years of experience in IT security or a related field. - Knowledge of information security principles and best practices. - Familiarity with security technologies, such as firewalls, antivirus, and intrusion detection systems. - Basic understanding of network protocols, operating systems, and cloud platforms. - Strong analytical and problem-solving skills. - Excellent attention to detail and ability to follow procedures. - Good communication and interpersonal skills. - Security certifications such as Security+, CEH, or equivalent are a plus.,

As a global group of life-saving technology companies, Halma is dedicated to pushing the boundaries of science and technology. With headquarters in the UK and operations spanning 23 countries, including regional hubs in India, China, Brazil, and the US, we have a diverse portfolio of nearly 50 companies specializing in market-leading technologies. For over 42 years, our purpose-driven approach, strategic initiatives, talented workforce, unique DNA, and sustainable business model have consistently delivered remarkable long-term growth in revenues and profits. Halma stands out as an FTSE 100 company by annually increasing dividends by 5%, a feat unparalleled by any other company on the London Stock Exchange. Why Join Us Certified as a Great Place to Work, Halma fosters an employee-centric culture based on autonomy, trust, respect, humility, work-life balance, team spirit, and approachable leadership. We provide a safe and inclusive workplace where individuality is celebrated, and everyone is encouraged to leverage their unique talents and backgrounds to drive meaningful outcomes. Position Objective: We are currently looking for dedicated cyber security professionals to join our 24/7 security operations team. In this role, you will play a crucial part in monitoring Halma Group's centralized infrastructure for malicious activities, analyzing logs to detect attack patterns, and ensuring timely responses to infiltration attempts. Additionally, you will manage technical support requests related to security devices integrated into Halma's infrastructure. Responsibilities: - Lead a team of security analysts on an 8-hour rotational shift schedule. - Conduct real-time security monitoring and respond to incidents using various tools and methodologies. - Maintain the group's infrastructure to meet service level expectations. - Develop and manage Security Information and Event Management (SIEM) use cases. - Identify and document incidents through proactive threat hunting. - Perform vulnerability assessments within Halma's network infrastructure and collaborate with stakeholders to mitigate risks. - Design and refine the Incident Response Playbook for enhanced reaction protocols. - Conduct post-incident analyses to improve Halma's incident response processes. - Propose innovative security control measures and solutions. - Provide technical support for security infrastructure, including SIEM, VPN, Antivirus, EDR, and Endpoint Management systems. - Possess a strong understanding of Windows/macOS operating systems and related security measures. - Monitor and manage security incidents for Halma's headquarters and subsidiary companies. - Utilize problem-solving skills during security incidents and alerts investigations. - Perform additional tasks such as generating vulnerability reports and contributing to process improvements. Critical Success Factors: - Resolve security incidents, support issues, and service requests within SLAs. - Contribute to enhancing processes, systems, and services provided by Halma IT. Qualifications: - Bachelor's degree in computer science or IT. Preferred Certifications: - CompTIA Security+, CEH - Microsoft Security certifications like SC-200/SC-300/SC-400 Desirable Certifications: - Any SIEM certifications, any Network certifications Experience: - 5 to 8 years of total experience. - Knowledge of vendor firewall and Remote Access solutions. - Exposure to security technologies, including Incident Response and Microsoft Sentinel. - Familiarity with Active Directory, server virtualization, and Microsoft technologies. - Experience with Microsoft Defender, Microsoft Intune, Cato Networks (VPN and Firewall), Azure Sentinel, and KQL is advantageous.,

As a Cyber Security Engineer, you will collaborate closely with the Engineering Organization, IT, Information Security, Software Engineers, and our DevOps departments. Your team will ensure our back-end and front-end services, cloud infrastructure, DevOps pipelines, data pipelines, software and embedded platforms are secured in the most efficient manner. You will work to develop new systems and procedures to counteract threat vectors that arise within our cloud and embedded environments. The ideal candidate will be a meticulous problem solver who can work under pressure when required and will remain current with the latest attack trends and technologies. Other duties to include: Cloud Security Posture Management: Participate in the planning, development, implementation and management of security measures across various cloud platforms to ensure robust security. Threat Detection and Analysis: Utilize advanced security tools like Wiz, BurpSuite, Sumologic, and Sonarqube to identify, analyze, validate, and stop vulnerabilities from entering the environment. Perform regular penetration testing and vulnerability assessments. Data Analysis and Security Monitoring: Conduct comprehensive analysis of security data from microservice architectures, content distribution networks, data lakes, serverless functions, and databases. Use SIEM tools to correlate security events and identify anomalies. Incident Response and Management: Participate in incident response efforts, perform root cause analysis, and implement or suggest corrective actions to mitigate security breaches. Develop and maintain incident response playbooks. Supply Chain Security: Assess and mitigate security risks associated with the supply chain, like open source libraries, ensuring end-to-end security. Software Security Flaws Mitigation: Identify and address software security flaws and misconfigurations to enhance overall security posture. Perform code reviews and static/dynamic analysis. Languages include but not limited to Python, C++, C#, JS, Python, HCL. Security Solutions Development: Develop and implement custom security solutions, minimizing reliance on paid services. Create security automation scripts and integrate security tools into CI/CD pipelines. Automating Security Test Functions: Develop and implement automated security testing functions to ensure continuous security validation. What we offer: Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you'll experience an inclusive culture of acceptance and belonging, where you'll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. Learning and development. We are committed to your continuous learning and development. You'll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally. Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you'll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what's possible and bring new solutions to market. In the process, you'll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today. Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way! High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you're placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.,

As a Senior Major Incident Manager at FIS, you will have the opportunity to lead and coordinate the incident response team during critical service disruptions in a 24/7 rotational shift environment. Your primary responsibility will be to ensure that service level agreements are met to support both clients and the company's mission-critical business requirements. You will be expected to make quick decisions about escalation and prioritization, manage the incident timeline through proper documentation, and oversee the bridge call or incident war room. Regular status updates to leadership and affected business units will also be part of your role, along with coordinating with external vendors or third-party providers if necessary. In terms of prevention and preparation, you will develop and maintain incident management procedures and playbooks, ensure incident response plans are up-to-date and tested regularly, and train team members on incident response procedures. By reviewing incident patterns to identify systemic issues and working with teams to implement preventive measures, you will play a crucial role in maintaining operational stability. To be successful in this role, you should have 7-11 years of experience in Major Incident Management for UK/US clients, with the ability to manage global incidents across multiple data center environments. Strong communication and analytical skills are essential, along with the willingness to work 24/7, including night shifts, and the ability to multitask effectively. Knowledge of FIS products and services, as well as the financial services industry, will be considered an added bonus. At FIS, we offer you a multi-faceted job with a broad spectrum of responsibilities, a modern international work environment, and a dedicated and innovative team. Professional education and personal development opportunities are also available to help you further your career. If you are looking for a work environment built on collaboration, flexibility, and respect, FIS could be your final career step. FIS is committed to protecting the privacy and security of all personal information processed to provide services to clients. Our recruitment model is primarily based on direct sourcing, and we do not accept resumes from recruitment agencies that are not on our preferred supplier list. We are dedicated to fostering a diverse and inclusive workplace where all employees feel valued and respected.,

The Information Security Officer (ISO) at Wishfin plays a crucial role in safeguarding the organization's information assets and technologies. Reporting to the Technical Lead, you will be at the forefront of establishing and maintaining the enterprise vision and strategy to ensure robust protection against security risks. As an ISO, your key responsibilities will include identifying, assessing, and prioritizing potential security risks to systems, data, and networks. You will develop and implement effective strategies to mitigate these risks while ensuring compliance with regulations such as GDPR and PCI DSS. Leading incident response efforts, you will be responsible for investigating, containing, and resolving security incidents, as well as implementing preventive measures. Developing and enforcing security policies, standards, and procedures to safeguard sensitive information will be a core part of your role. You will also be tasked with delivering security awareness training programs to educate employees on best practices and compliance requirements. Assessing the security posture of third-party vendors and collaborating with IT and engineering teams to design secure architectures for systems will be among your responsibilities. Regular security audits, assessments, and compliance reviews will be conducted by you, in addition to deploying and managing security monitoring tools for real-time threat detection. Establishing and chairing a security governance committee to oversee initiatives and provide strategic direction will also be part of your duties. You will prepare and present reports on information security status to senior management and stakeholders. To qualify for this role, you must possess a Bachelor's degree in Computer Science, Information Technology, or a related field. Professional certifications such as CISSP, CISM, or CISA are advantageous but not mandatory. Two years of experience in information security roles, particularly in risk management, compliance, and incident response within fintech or financial services, is required. Familiarity with security frameworks and regulatory requirements, as well as strong communication skills and an analytical mindset, are essential for success in this position. If you meet the qualifications and are interested in this opportunity, please apply or send your updated resume to hrteam@wishfin.com.,

We are reaching out regarding an exciting opportunity in Cybersecurity Operations Leadership with a global organization known for innovation and resilience in cyber defense. In this role, you'll lead a 24x7 global Security Operations Center (SOC) and drive strategy and execution across threat detection, incident response, forensics, and automation using tools like Splunk, Phantom, CrowdStrike, and Tanium. Youll work closely with audit and compliance teams and ensure security operations are aligned with regulatory and industry best practices (NIST, MITRE ATT&CK, ISO 27001). Key Highlights: Lead SOC teams and security incident response globally Enhance SIEM/SOAR platforms, automate detection & response Hands-on experience with forensic tools, cloud security (AWS/Azure), and vulnerability management Strategic reporting, playbook creation, and regulatory compliance Preferred certifications: CISSP, CISM, GCIH, GCFA, CEH, or equivalent Experience: 10–15 years with at least 3–5 years in Cybersecurity Operations If you’re passionate about building world-class cybersecurity defense mechanisms and enjoy leading high-performing teams, we’d love to speak with you!

As an experienced L3 SOC Analyst, you will play a crucial role in managing security incidents and ensuring the protection of our clients" data and systems. You will be responsible for utilizing your expertise in SIEM tools such as QRadar, Sentinel, or Splunk to detect and respond to security threats effectively. Your strong knowledge of attack patterns, Tools, Techniques, and Procedures (TTPs) will be essential in identifying and mitigating risks. Your primary responsibilities will include acting as an escalation point for high and critical severity security incidents, conducting thorough investigations to assess impact, and analyzing attack patterns to provide recommendations for security improvements. You will also be actively involved in proactive threat hunting, log analysis, and collaborating with IT and security teams to enhance security processes effectively. In addition to hands-on experience with system logs, network traffic analysis, and security tools, your ability to identify Indicators of Compromise (IOCs) and Advanced Persistent Threats (APTs) will be crucial in ensuring the detection of potential threats. You will be expected to document and update incident response processes, participate in team meetings and executive briefings, and train team members on security tools and incident resolution procedures. Your proficiency in setting up SIEM solutions, troubleshooting connectivity issues, and familiarity with security frameworks and best practices will be considered advantageous. Your role will require you to provide guidance on mitigating risks, improving security hygiene, and identifying gaps in security processes to propose enhancements effectively. Join us at UST, a global digital transformation solutions provider with a deep commitment to innovation and agility. With over 30,000 employees in 30 countries, we partner with the world's best companies to drive real impact through transformation. If you are passionate about cybersecurity and eager to make a difference, we welcome you to be a part of our team and help us build for boundless impact, touching billions of lives in the process.,

As a member of Velsera, you will be part of a team dedicated to accelerating the discovery, development, and delivery of life-changing insights in the field of medicine. Our company, established in 2023 through a collaboration between Seven Bridges and Pierian, provides software and professional services for various crucial areas such as AI-powered multimodal data harmonization and analytics for drug discovery and development, IVD development, validation, and regulatory approval, as well as clinical NGS interpretation, reporting, and adoption. With our headquarters based in Boston, MA, we are continuously growing and expanding our teams across different countries. Your primary responsibilities at Velsera will include designing and developing high-performance, scalable, and secure web applications. This involves utilizing React 18+ for front-end development and NestJS 8+ and Node.js 18+ for back-end development. You will also be tasked with architecting, building, and maintaining reusable components and front-end libraries that support complex applications, as well as implementing and managing APIs using RESTful services. Optimizing applications for maximum performance and scalability will be a key aspect of your role, along with collaborating closely with cross-functional teams including UI/UX designers, product managers, and DevOps engineers. Ensuring best practices in code quality, security, and maintainability through code reviews and testing is essential, as is troubleshooting and resolving complex technical issues in both front-end and back-end layers. To be successful in this role, you are required to have a Bachelor's degree in Engineering or a Master's degree in Computer Science. You should also possess experience in leading distributed or remote development teams, familiarity with DevOps practices and tools for continuous integration and delivery, and proficiency in Agile/SAFe development methodologies and associated tools for tracking. Strong knowledge of Javascript & MERN stack for development, experience with AWS Cloud services, and expertise in Microservices Architecture are must-have skills. Additionally, you should be adept at designing and maintaining scalable applications, working with Mongo DB and postgres DB, and demonstrating technical proficiency in development, cloud services, code quality, unit testing, CI/CD, debugging, and optimization. Maintaining a customer-centric mindset, following secure coding practices, adhering to compliance regulations, and taking end-to-end ownership of assigned features or modules are critical aspects of this role. Your involvement in agile development practices, quarterly planning sessions, iteration execution, team collaboration, communication using tools like Microsoft Teams, Jira, and Confluence, and coordination with global and cross-functional teams will be essential for success. At Velsera, we offer a flexible and hybrid work model to support work-life balance, as well as an engaging and fun work culture with vibrant workplace events, celebrations, and activities that make every workday enjoyable.,

About Rippling Rippling, based in San Francisco, CA, has secured over $1.4B from renowned investors such as Kleiner Perkins, Founders Fund, Sequoia, Greenoaks, and Bedrock. The company has been recognized as one of America's best startup employers by Forbes. Rippling prioritizes candidate safety, ensuring that all official communications are exclusively sent from @Rippling.com addresses. About The Role Rippling is seeking an experienced Security Engineer to join the Detection and Response Team (DART). As a member of the team, you will play a crucial role in establishing a top-notch incident response function that effectively handles challenging security incidents. Your responsibilities will include driving process enhancements, fostering an open culture of learning from mistakes, and constructing the necessary tools and detection infrastructure to scale our threat response capabilities across both Production and Corporate environments. What You Will Do - Respond promptly to security events, conduct triage, investigations, and incident analysis, and communicate findings effectively to stakeholders. - Contribute to the enhancement of processes, procedures, and technologies for detection and response to ensure continual improvement post-incident. - Develop and manage tools for collecting security telemetry data from cloud-based production systems. - Automate workflows to streamline identification and response times for security events. - Create and refine detection rules to focus efforts on critical alerts. - Establish runbooks and incident playbooks for new and existing detections. - Lead Threat hunting practices, recommend signals for detecting attacks in product and infrastructure, and incorporate discoveries into security controls. What You Will Need - Minimum of 12 years of full-time experience as a security engineer, encompassing security monitoring, incident response, and threat hunting in a cloud environment. - Possess a defensive mindset while understanding offensive security and the scenarios leading to compromise. - Proven experience in managing complex investigations involving numerous stakeholders. - Excellent communication skills with a track record of effectively engaging with internal and external stakeholders of all levels. - Expertise in AWS security controls and services. - Proficiency in coding for automation, alert enrichment, and detections. - Familiarity with adversary tactics, techniques, and procedures (TTPs) and MITRE ATT&CK principles. - Hands-on experience in data analysis, modeling, and correlation at scale. - Strong background in operating systems internals and forensics for macOS, Windows, and Linux. - Domain expertise in handling current SIEM and SOAR platforms. - Experience in developing tools and automation using common DevOps toolsets and programming languages. - Understanding of malware functionality and persistence mechanisms. - Ability to analyze endpoint, network, and application logs for unusual events. Additional Information Rippling places significant value on having in-office employees to promote a collaborative work environment and company culture. For office-based employees residing within a specified radius of a Rippling office, working in the office for at least three days a week is considered an essential function of their role under the current policy.,

Job Title: Security Operations / Security Analyst (SOC Orange Team) Job Summary: We are seeking a skilled and motivated Security Analyst to join our Security Operations Center (SOC) Orange Team. The ideal candidate will possess hands-on experience in firewall and SIEM tools, with strong analytical and troubleshooting skills in managing security infrastructure. This role is critical in monitoring, auditing, and enhancing the organizations cybersecurity posture. Key Responsibilities: Manage and maintain network security appliances, with a primary focus on Fortinet firewalls . Conduct firewall rule auditing and configuration reviews to ensure alignment with security best practices. Utilize and monitor SIEM tools such as Splunk , QRadar , and SentinelOne for threat detection and incident response. Understand how SIEM systems operate, and demonstrate hands-on experience in usage (L1 and L2) . Create and manage SOAR/XOAR playbooks , including design, development, and implementation . Perform log analysis , incident detection, and threat intelligence correlation. Collaborate with internal teams to strengthen security controls and implement corrective actions. Stay current with emerging security threats and recommend appropriate defensive measures. Required Skills and Experience: Proven experience in managing routers and firewalls , especially Fortinet, following industry best practices. Strong expertise in firewall rule auditing and security configuration management . Practical experience with SIEM platforms : Splunk, QRadar, SentinelOne usage experience is essential (configuration knowledge is a plus). Understanding of SOC operations and incident lifecycle management . Knowledge of SOAR/XOAR platforms and ability to build and customize automated response playbooks. Familiarity with security event analysis, alert triage, and escalation procedures. Preferred Qualifications: Certifications such as Fortinet NSE , Splunk Certified , Security+ , or equivalent. 25 years of experience in a SOC environment or cybersecurity operations. Strong communication and documentation skills.

C&W Services is looking for Manager - Security to join our dynamic team and embark on a rewarding career journey Security Strategy: Developing and implementing a comprehensive security strategy aligned with the organization's goals and risk tolerance Risk Assessment: Conducting risk assessments and identifying potential security vulnerabilities and threats to the organization Security Policies and Procedures: Establishing and enforcing security policies, procedures, and guidelines for the organization Security Operations: Overseeing day-to-day security operations, including access control, surveillance, and incident response Security Awareness Training: Providing security awareness training to employees and stakeholders to promote a security-conscious culture Compliance: Ensuring compliance with relevant security standards, regulations, and best practices Security Incident Management: Managing security incidents, conducting investigations, and implementing corrective actions Security Technologies: Evaluating, selecting, and implementing security technologies and solutions, such as firewalls, antivirus, and intrusion detection systems

Develop and implement organization-wide information security policies and practices Monitor IT infrastructure for security incidents and lead the incident response process Conduct regular risk assessments, vulnerability scans, and audits Ensure compliance with relevant standards and regulations (e.g., ISO 27001, SOC 2, GDPR, PCI-DSS) Manage the deployment and monitoring of security tools (firewalls, SIEM, DLP, IDS/IPS, endpoint protection) Coordinate with internal teams and third-party vendors to ensure secure systems and operations Lead and guide the security awareness and training program across departments Handle internal and external security audits, and ensure timely closure of findings Stay updated with emerging threats, security trends, and regulatory changes Collaborate with the IT, DevOps, and legal teams to ensure secure development and compliance

Senior Cyber Security Partner | 8+ yrs exp | Lead threat modeling, secure SDLC, cloud security (AWS/Azure/GCP), compliance (OWASP/NIST/ISO), incident response, mentoring, and tool evaluation. Pref: CISSP/CISM/CEH. Hybrid – Bengaluru.

Shift : 9x5 Job Description for Threat Hunter/TIP admin Skillset Must : Network forensic (Packet Capture andRe-Construction Capability), Knowledge on Threat Intelligence Platform (TIP)/Anti APT/ EDR Certified with any threat hunting certification,or equivalent . Responsible for conducting all threat-huntingactivities necessary for identifying the threats including zero day. Hunt for security threats, identify threat actorgroups and their techniques, tools and processes. Strong knowledge of APT lifecycle, tactics,techniques, and procedures (TTPs). Familiarity with MITRE ATT&CK framework andmapping threats to techniques. Provide expert analytic investigative support toL1 and L2 analysts for complex security incidents. Proficiency in malware behavior analysis andsandboxing. Perform analysis of security incidents forfurther enhancement of rules, reports, AI/ML models. Perform analysis of network packet captures,DNS, proxy, NetFlow, malware, host-based security and application logs, as wellas logs from various types of security sensors uncovering the unknown aboutinternet threats and threat actors. Analyse logs, alerts, suspicious malwaressamples from all the SOC tools, other security tools deployed such asAnti-Virus, Anti APT solutions, EDR, IPS/IDS, Firewalls, Proxies, ActiveDirectory, Vulnerability assessment tools etc. Using knowledge of the current threat landscape,threat actor techniques, and the internal network, analyze log data to detectactive threats within the network. Build, document and maintain a comprehensivemodel of relevant threats to customer. Proactively identify potential threat vectorsand work with team to improve prevention and detection methods. Identify and propose automated alerts for newand previously unknown threats. Incident Response for identified threats. Strong knowledgeof APT lifecycle, tactics, techniques, and procedures (TTPs). Hands-onexperience with Trellix (formerly McAfee) APT solutions, EDR, and ThreatIntelligence. Proficiency inmalware behavior analysis and sandboxing. Familiarity withMITRE ATT&CK framework and mapping threats to techniques. Experience withsecurity monitoring tools such as SIEM, SOAR, EDR, and Threat IntelligencePlatforms (TIPs). Solidunderstanding of network protocols, endpoint protection, and intrusiondetection systems. Required Qualifications: Education: B.E./B.Tech/MCA/M.Sc. in Computer Science or Information Technology. Experience: Minimum 6+ years of relevant experience in Security Operations, Threat Detection, or Incident Response. Certification : CSA/CEH

Experience Required: 4+ years in Cybersecurity, with 2+years hands-on any threat intelligence platform Reports To: Security Operations Lead / SOC Manager Location: Jaipur Job Type: Full-time, Customer locations Job Summary: We are seeking a skilled Threat IntelligenceEngineer/Analyst with hands-on experience in managing and operating a UnifiedThreat Intelligence Platform (UIP). The ideal candidate will be responsible forintegrating, enriching, analyzing, and disseminating threat intelligence acrosssecurity systems (SIEM, SOAR, EDR) to enhance threat detection, hunting, andresponse efforts. Key Responsibilities: Administer and maintain the Unified Threat Intelligence Platform (e.g., MISP, Anomali, ThreatConnect, EclecticIQ, TIP from commercial vendors). Should have worked on any of the TI platform. Experience in Recorded future preferred. Aggregate, normalize, and enrich threat intel feeds from internal, commercial, and open-source sources (OSINT). Map Indicators of Compromise (IOCs), TTPs, and threat actor profiles using frameworks such as MITRE ATT&CK and STIX/TAXII. Integrate UIP with SIEM, SOAR, and EDR platforms to enable automated threat correlation and alert enrichment. Analyze and prioritize threat intelligence based on relevance, risk level, and business impact. Coordinate with threat-hunting and SOC teams to enable actionable use of threat intelligence. Create and manage threat intelligence dashboards, reports, and alerts. Continuously improve threat ingestion, enrichment pipelines, and integration workflows. Required Skills and Qualifications: Solid understanding of Threat Intelligence lifecycle: collection, processing, analysis, dissemination. Experience with commercial or open-source TIP/UIP tools (e.g., MISP, ThreatConnect, Anomali, EclecticIQ). Strong knowledge of STIX/TAXII, OpenIOC, YARA, Sigma rules. Experience integrating threat intel into SIEM (e.g., Splunk, QRadar, Sentinel) and SOAR platforms. Familiarity with threat actor behavior, campaigns, malware families, and IOC tracking. Working knowledge of scripting (Python preferred) for automation and data transformation. Ability to analyze complex data and present threat intelligence in clear, actionable formats. Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : CEH/CSA/ NBAD certification

Experience Required: 4+ years in Cybersecurity, with 2+years hands-on Anti APT tool and in IR Reports To: Security Operations Lead / SOC Manager Job Summary: We are looking for a highly skilled Anti-APT and IncidentResponse Specialist to lead the detection, analysis, and remediation ofsophisticated cyber threats, including Advanced Persistent Threats (APTs). Thecandidate will work closely with threat intelligence, SOC, and forensic teamsto respond to incidents, contain threats, and fortify the environment againstfuture attacks. Key Responsibilities: Anti-APT Operations: Monitor for indicators of APT campaigns using threat intelligence feeds, SIEM, EDR, NBAD, and anomaly detection tools. Identify and analyze tactics, techniques, and procedures (TTPs) used by threat actors aligned with MITRE ATT&CK. Leverage threat intelligence to proactively hunt and neutralize stealthy threats. Incident Response (IR): Lead and execute all phases of incident response: identification, containment, eradication, recovery, and lessons learned. Perform forensic analysis on systems and logs to determine the root cause, scope, and impact of security incidents. Collaborate with IT, SOC, and legal/compliance teams during major incidents and breach investigations. Create and maintain IR playbooks, response workflows, and escalation procedures. Detection and Prevention: Work with SIEM and SOAR teams to improve alert fidelity and develop custom correlation rules. Coordinate with endpoint, network, and cloud teams to plug gaps and strengthen defenses post-incident. Assist in configuring anti-APT technologies like sandboxing, deception platforms, and EDR/XDR solutions. Required Skills and Qualifications: Strong knowledge of APT groups and attack frameworks (e.g., MITRE ATT&CK, Lockheed Martin Kill Chain). Hands-on experience in incident response, digital forensics, threat hunting, and malware analysis. Proficiency with tools such as: EDR (e.g., CrowdStrike, SentinelOne, Carbon Black) SIEM (e.g., Splunk, QRadar, ArcSight) Forensics tools (e.g., FTK, EnCase, Volatility) Threat intel platforms (MISP, Anomali, ThreatConnect) Strong understanding of Windows/Linux internals, memory/process analysis, and network forensics. Experience writing detection rules (Sigma, YARA) and incident reports. Preferred Qualifications: Certifications: GCIH, GCFA, GNFA, CHFI, OSCP, or similar. Experience with APT campaigns linked to sectors like government, BFSI, or critical infrastructure. Exposure to cloud incident response (Azure, AWS, GCP) and OT/ICS threat environments. Education Requirements : BE, B.Tech in IT/CS/ECE, BCA, BSc CS and MCA Certification : CEH/CSA/CHFI

Roles/Responsibilities: Experiencein SIEM Tool like ArcSight, LogRhythm SIEM, Threat Intelligence, MalwareAnalysis, Incident Response Experiencein handling SOC customer in MSSP/multi-tenant environment Responsiblefor the technical Administration or troubleshooting in SIEM ensuring theefficient functionality of the solution Responsiblefor Incident Validation, Incident Analysis, Solution Recommendation, Good knowledge on implementation,installation, integration troubleshooting and overall functionalities of LogRhythm/ArcSight/QRadar/Splunk Arc Sight/LR/QRadar platformadministration, management experience, platform upgrade Experience in troubleshooting platformrelated issues, Data backup, restoration, retention Experience in creating content basedon MITRE Framework Exposure to SOAR, alert aggregation,automation, Playbook creation ArcSight/LRrule base fine tuning, Ongoing log source modifications, Configuration/policychanges, General SIEM Administration, SIEM Content Development Troubleshootingof an incident within IT Security incident response teams of SOC. Maintainsawareness of new and emerging cyber-attack threats with potential to harmcompany systems and networks. Devises and implements countermeasures tomitigate potential security threats. Assistswith the development and maintenance of IT security measurement and reportingsystems to aid in monitoring effectiveness of IT Security programs. Assistswith the development, revision, and maintenance of Standard OperatingProcedures and Working Instructions related to IT Security. Good Coordination skills with variousother teams for faster resolution/completion. Good to have threat huntingknowledge. Education/Skills: BE/B.Techor equivalent with minimum 7-10 years of experience Workexperience of minimum 6 years in SOC Incident Handling, Incident Response TrendAnalysis, administration/monitoring of SIEM Tool like ArcSight, LogRhythm SIEM,Threat Intelligence, Malware Analysis, Abilityto adapt and follow the processes and guidelines Possessan impeccable work ethic and a high degree of integrity GoodAnalytical & Problem Solving skills Ableto communicate with technical staff/management Flexibleto work after office and over weekend if required Highlymotivated & customer centric

Role Purpose The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information Do Ensuring customer centricity by providing apt cybersecurity Monitoring and safeguarding the log sources and security access Planning for disaster recovery in the event of any security breaches Monitor for attacks, intrusions and unusual, unauthorized or illegal activity Performs moderately complex log reviews and forensic analysis to identify unauthorized or unacceptable access to data or systems Conduct security assessments, risk analysis and root cause analysis of security incidents Handling incidents escalated by the L1 team in 24x7 rotational shifts Use advanced analytics tools to determine emerging threat patterns and vulnerabilities Completing all tactical security operations tasks associated with this engagement. Analyses all the attacks and come up with remedial attack analysis Conduct detailed analysis of incidents and create reports and dashboards Stakeholder coordination & audit assistance Liaise with stakeholders in relation to cyber security issues and provide future recommendations Maintain an information security risk register and assist with internal and external audits relating to information security Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues Advice and guidance to employees on issues such as spam and unwanted or malicious emails Mandatory Skills: Security Incident Response. Experience: 5-8 Years.

As a Cloud Administrator at our organization, you will be responsible for the efficient administration, optimization, and secure operation of cloud infrastructure hosted on platforms such as AWS, Azure, or hybrid environments. In addition to managing cloud resources, you will also oversee on-premises servers, virtualization platforms, and related core infrastructure components. Collaborating closely with SAP and Application teams, your role will involve ensuring high availability, system performance, cost-efficiency, and compliance for both cloud and on-prem environments. You will be responsible for tasks such as identity and access control, monitoring, backup, automation, and support for enterprise platforms including SAP, collaboration tools, and other critical applications. Your key responsibilities will include managing hybrid cloud and on-premises infrastructure, administering cloud resources and services across platforms, monitoring system uptime, capacity, and performance, coordinating hardware lifecycle activities, supporting connectivity between cloud and on-prem environments, implementing security controls, monitoring system health, incident response, disaster recovery planning, compliance management, cost optimization, and supporting enterprise workloads such as SAP. To be successful in this role, you should hold a Bachelor's or Master's degree in IT, Computer Science, or a related field, with a minimum of 10 years of overall IT experience and at least 5 years in cloud administration. Relevant certifications such as AWS Certified SysOps Administrator or Solutions Architect are preferred. You should have a strong understanding of public cloud platforms, virtualization platforms, identity and access control principles, cloud networking concepts, and proven experience in administering servers, implementing backup strategies, troubleshooting performance issues, and enforcing cloud cost optimization. If you possess excellent problem-solving, communication, and leadership skills, and have a passion for ensuring the efficient and secure operation of cloud infrastructure in enterprise environments, we invite you to apply for the role of Cloud Administrator at our organization.,

The Impact You'll Make Danfoss Power Solutions designs and manufactures a complete range of engineered components and systems. From hydraulics and electrification to fluid conveyance, electronic controls, and software, our solutions are engineered with an uncompromising focus on quality, reliability, and safety. Join us at our site in Pune/ Remote as a Cyber Security Embedded Software Engineer (m/f/d) to contribute to state-of-the-art secure solutions in our product designs. What You'll Be Doing As a Cyber Security Embedded Software Engineer for Embedded Operating Systems (EOS), you are a security expert ensuring that we develop and implement secure designs in our EOS products which protect us against all types of cybercrime techniques for hardware and embedded software. To be more precise, your tasks will be the following: - Designing and implementation of cyber security technical measures (Secure Boot and Secure Software update mechanisms, etc.) - Defining/reviewing technical security requirements - Vulnerability assessments, classifying, prioritizing, and fixing issues - Conducting Threat Assessment for new and existing products - Responding to incidents and implementing corrective measures for security breaches - Cyber Security Culture development through team internal training and coaching What We're Looking For For this position, you have an educational background in Embedded Software or a similar field and several years of practical experience from a similar role. Further requirements are: - Experience with systematic embedded software development - Expertise in international cyber security regulation and standards - CISSP, CSSLP, or CEH certification preferred - Great team-player qualities and the ability to work in a cross-functional environment - Creative, analytical, structured, and proactive approach as well as a positive mindset - Fluency in English What You'll Get from Us We promote from within and support your learning with mentoring, training, and access to global opportunities. You'll have flexibility, autonomy, and support to do your best work while maintaining a healthy work-life balance. Your well-being matters to us. We strive to create an inclusive work environment where people of all backgrounds are respected and valued for who they are. You'll receive benefits like the 13th salary, annual bonus, paid vacation, pension plans, personal insurance, and more. These vary by country and contract, but they're worth asking aboutwe think they're pretty great. Ready to Make a Difference If this role excites you, we'd love to hear from you! Apply now to start the conversation and learn more about where your career can go with us.,

As an Email Security Engineer located in Noida, you will play a pivotal role in the design, implementation, and management of advanced email security solutions. With a B.Tech./MCA or equivalent educational background and technical certification, you are positioned to provide fourth-tier support for email security issues, resolving complex technical problems efficiently. Your responsibilities include designing and implementing email security architectures encompassing encryption, anti-phishing, and anti-spam solutions. You will lead the investigation and resolution of high-severity email security incidents, conducting forensic analysis and delivering detailed incident reports. Your expertise in threat intelligence will allow you to develop strategies to mitigate risks and ensure compliance with relevant regulations and standards. Collaboration with other security teams is essential to integrating email security measures within the organizational security framework. Moreover, you will be responsible for conducting regular audits and assessments to verify compliance and optimize the performance of email security solutions. Your role as an Email Security Engineer positions you as a key player in safeguarding the organization's email communications against advanced threats. Your technical experience should demonstrate a strong knowledge of security principles, standards, and techniques. Professional attributes such as adaptability to work in shifts, willingness to travel to other locations as needed, openness to learning new technologies through cross-training and upskilling, and excellent communication and presentation skills are essential for success in this role.,

As an experienced Platform Engineer with a focus on Infrastructure as Code (IaC), DevOps practices, and orchestration tools, you will play a pivotal role in leading resilient engineering initiatives across various technology domains. Your responsibilities will encompass overseeing the design and implementation of robust engineering solutions in both cloud-based and on-premises environments. You will also spearhead chaos engineering efforts to proactively identify and address potential system weaknesses, ensuring high availability and seamless disaster recovery processes. Collaboration will be a key aspect of your role as you engage with diverse teams within the organization to align and prioritize resiliency and recovery efforts. Your expertise in automation tools such as Ansible will be instrumental in streamlining processes and enhancing the overall resiliency posture of the technology organization. Additionally, you will be actively involved in incident response and recovery processes, integrating post mortem analyses to identify areas for improvement. Your extensive experience in platform engineering, coupled with a Bachelor's degree or equivalent qualification, will be invaluable in architecting and deploying enterprise-level solutions that prioritize system uptime and data integrity. Your ability to design systems that support massive transaction volumes and facilitate seamless disaster recovery will be put to the test as you navigate the complexities of multi-AZ and multi-Region cloud platforms. Furthermore, your proficiency in chaos engineering principles, observability solutions, and Agile development methodologies will be crucial in driving continuous improvement and resilience within the technology organization. Your dedication to customer needs, combined with excellent communication skills, will enable you to build lasting relationships and articulate complex resilience strategies effectively. If you have a proven track record of success in managing mission-critical systems, a strong technical background in infrastructure and service architecture, and a passion for driving innovation in resiliency and recovery, we invite you to join our team and make a significant impact on our technology landscape.,

As a professional in the role, you will be responsible for assessing and mitigating risks associated with Data Loss Prevention (DLP) solutions. Your duties will include the administration of DLP tools, such as configuring policies, monitoring alerts, and responding to incidents. You will also collaborate with stakeholders and data owners to deploy DLP policies effectively. It is essential for you to enhance your expertise in best practices for Data Protection and ensure a continuous process of improvement in utilizing DLP tools. Troubleshooting, identifying new features, and working with the DLP technology will be part of your routine tasks. Moreover, you will work closely with the business to identify and implement improvements in existing technical models for data protection. Your role will involve identifying gaps in current alerting platforms and recommending enhancements to evolve capabilities. You will review risk scoring models regularly to focus on significant security events and business needs adequately. Additionally, you will liaise with the GRC & CISO function to configure DLP policies, respond to escalations, and support incident response processes effectively. Furthermore, you will collaborate with legal and compliance teams to ensure customer privacy initiatives align with regulatory requirements. Your ability to research and resolve technical issues independently, maintain integrity in a professional environment, and effectively communicate recommendations will be crucial for success in this role. In terms of qualifications, you should have at least 5 years of experience in Information Security Technology, with a focus on Governance, Risk & Compliance. You must possess expertise in Data Loss Prevention (DLP) technology implementation, support, and event handling processes. Strong analytical skills, subject matter expertise, and effective communication abilities are essential for this position. Experience in administering DLP tools, knowledge of Windows and MAC endpoints, and a proven track record of addressing complex security issues will be beneficial.,